The NSO Group has denied that its spyware was used to compromise many politicians’ phones, but WhatsApp is telling a different story. The chat giant’s CEO, Will Cathcart, told The Guardian in an interview that governments allegedly used NSO’s Pegasus software to attack senior government officials worldwide in 2019, including high-ranking national security officials who were US allies. The breaches were reportedly part of a larger campaign that compromised 1,400 WhatsApp users in two weeks, prompting a lawsuit.
The reporting on the NSO “matches” with findings from the 2019 attack on WhatsApp, Cathcart said. Human rights activists and journalists were also believed to be victims.
The executive was responding to allegations that governments used Pegasus to hack phones for 37 people, including those of women close to murdered Saudi journalist Jamal Khashoggi. Those targets were also on a 2016 list of over 50,000 phone numbers that included activists, journalists and politicians, although it’s not clear that anyone beyond the 37 fell prey to attacks.
NSO has strongly rejected claims about the hacks and the list, insisting that there’s “no factual basis” and that the list was too large to be focused solely on potential Pegasus targets. It also directly challenged Cathcart, asking if the WhatsApp exec had “other alternatives” to its tools that would help thwart “pedophiles, terrorists and criminals” using encrypted software.
Cathcart, however, didn’t buy that explanation — he pointed to the 1,400 people as possible evidence that the number of targets was “very high.” Whatever the truth, it’s safe to say WhatsApp won’t shy away from its lawsuit (or a war of words) any time soon.